Synopsis
Inherent in both authentication and authorisation is the element of authority, although it is rarely discussed and often taken for granted. Every organisation has at least one system and at least one user privilege that holds ultimate authority over all the rest: a high-authority user or system that, once compromised, can change other privileges and access rights to allow for uninterrupted havoc. The user with ultimate authority is usually an executive, an administrator, a root account or the organisation's own root certificate authority. The systems with ultimate authority are usually those that dispense authority: Identity and Access Management (IAM) systems and the protocols they speak, e.g. Kerberos, RADIUS, Diameter and OAuth2. Compromising high-authority users and the systems that supply authority is therefore attractive to threat actors.
We propose a mechanism that decouples authority from authentication and authorisation. Moreover, the proposed system decentralises the authority-granting process so that authority is governed exclusively by an external decentralised network. The cryptographic operations needed to exert that authority are performed with threshold techniques (threshold signatures built on secure multi-party computation). In this way no key is ever stored in one place: fragments of any one key are distributed over the network, and each operation is computed from partial results contributed by a threshold of nodes, without the fragments ever being assembled into the whole key.
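As an added illustration of what "fragments distributed, never assembled" means in practice (this is example code written for this page, not the prototype or the Tide/RMIT implementation), the block below runs a toy t-of-n threshold Schnorr signature. Key generation is dealer-free: each of the n parties contributes a random secret, and every party ends up holding only a Shamir share of the sum; the public key is formed from the parties' public commitments, so the private key is never computed anywhere. Any t parties can then produce a signature by adding partial signatures weighted with Lagrange coefficients, and a verifier checks it against the public key alone. Fewer than t parties cannot. The group parameters (p = 2039, q = 1019, g = 4) are assumed tiny values chosen for readability, and the protocol omits the nonce-commitment round and proofs that a production scheme such as FROST adds, so it shows the mechanics rather than a deployable signer.

```python
"""Toy t-of-n threshold Schnorr signing over a small Schnorr group.

Illustration only (not the page's prototype): the private key x is the sum of
secrets chosen by n parties, each party ever holds only a Shamir share of x,
and a signature is produced by combining partial signatures from any t parties.
At no point is x reconstructed. Parameters are deliberately tiny and the
protocol omits the nonce-commitment round of a real scheme such as FROST.
"""
import hashlib
import secrets

# Assumed toy Schnorr group: p = 2q + 1 with both prime; g = 4 generates the
# order-q subgroup. Real deployments use a standard curve or 2048-bit+ group.
P = 2039
Q = 1019
G = 4


def _poly_eval(coeffs, x):
    """Evaluate a polynomial with coefficients in Z_q at x (Horner's rule)."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % Q
    return acc


def _lagrange_at_zero(i, signers):
    """Lagrange coefficient lambda_i such that sum(lambda_i * f(i)) = f(0)."""
    num, den = 1, 1
    for j in signers:
        if j != i:
            num = (num * (-j)) % Q
            den = (den * (i - j)) % Q
    return (num * pow(den, -1, Q)) % Q


def keygen(n, t):
    """Dealer-free key generation. Returns (public_key, shares).

    Party i picks a random degree-(t-1) polynomial; its constant term is that
    party's secret contribution. shares[j] = sum_i f_i(j) is party j's share of
    x = sum_i f_i(0). x itself is never formed; the public key y = g^x is the
    product of each party's commitment g^{f_i(0)}.
    """
    polys = [[secrets.randbelow(Q) for _ in range(t)] for _ in range(n)]
    y = 1
    for poly in polys:
        y = (y * pow(G, poly[0], P)) % P
    shares = {j: sum(_poly_eval(poly, j) for poly in polys) % Q
              for j in range(1, n + 1)}
    return y, shares


def _challenge(r, y, message):
    """Fiat-Shamir challenge c = H(R || y || m) mod q."""
    data = f"{r}|{y}|".encode() + message
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q


def threshold_sign(shares, signers, t, y, message):
    """Combine partial signatures from the party ids in `signers`.

    Each signer contributes R_i = g^{k_i} and s_i = k_i + c * lambda_i * x_i.
    Summing the s_i yields a signature under x because the Lagrange-weighted
    shares sum to x, yet no party ever sees another party's share.
    """
    signers = sorted(set(signers))
    if len(signers) < t:
        raise ValueError("need at least t distinct signers")
    nonces = {i: secrets.randbelow(Q - 1) + 1 for i in signers}
    r = 1
    for i in signers:
        r = (r * pow(G, nonces[i], P)) % P
    c = _challenge(r, y, message)
    s = 0
    for i in signers:
        lam = _lagrange_at_zero(i, signers)
        s = (s + nonces[i] + c * lam * shares[i]) % Q
    return r, s


def verify(y, message, sig):
    """Standard Schnorr check: g^s == R * y^c (mod p)."""
    r, s = sig
    c = _challenge(r, y, message)
    return pow(G, s, P) == (r * pow(y, c, P)) % P


if __name__ == "__main__":
    y, shares = keygen(n=5, t=3)
    sig = threshold_sign(shares, [1, 3, 5], 3, y, b"approve: grant role admin")
    print("3-of-5 signature valid:", verify(y, b"approve: grant role admin", sig))
```

In the IAM setting the page describes, the "message" would be the authorisation decision the IAM wants enacted, the signers would be nodes of the external network, and the IAM would hold the public key y but none of the shares; a compromise of the IAM alone therefore cannot mint a valid approval.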
This mechanism can extend the current Zero-Trust model to augment the security of existing IAM systems. In effect, the IAM relinquishes the final authority over every just-in-time (JIT) authorisation to this external decentralised network. The single point of failure inherent in an IAM system is mitigated in this way, while the IAM itself otherwise operates as it already did.
Furthermore, decoupling authority opens new possibilities elsewhere. One such opportunity is in the privacy space: users of a system may have absolute, verifiable authority over their own data stored on the system, giving them more control over who can and cannot access that data, potentially even preventing the system itself from accessing it where appropriate.
We will introduce the idea of decoupled and decentralised authority, illustrating the key points using the case study of a prototype system currently being developed to extend Keycloak, an existing open source IAM system. We will also discuss some other possibilities opened by decoupling authority in a system.
This work is a partnership with RMIT researchers Joanne L. Hall, Matthew P. Skerritt and Geetika Verma, and the TIDE foundation: Yuval Hertzog, Michael Loewy, Julio Medeiros and Dominique Valladolid.